There are quite a way to protect yourself from DDoS which you can use depending on the type of DDoS attack.
DDoS protection usually identify and close all the possible system apps that have vulnerabilities in your system and closing all ports that's affected, removing unimportant access from the system and hide your server behind a proxy or CDN system.
When you are attacked with low magnitude DDoS, you will needing the help firewall, which can help in filtering out DDoS traffic.
But if it's high volume of DDoS attack like in gigabits etc, then you should needing the help of a DDoS protection service provider that address the whole system.
You need to be careful while selecting a DDoS protection service provider. There are many service providers that want to take advantage of your situation.
If you inform them that you are under DDoS attack,they will start offering you many type of services at unreasonable costs.
I suggested a working solution which starts with getting a good DNS solution provider, that is flexible enough to configure A and CNAME records for your website. Ater that you will needing a good CDN provider that handle a big DDoS traffic and provide you DDoS protection service as a part of their package( CDN).
Assuming your server IP address is 129.2xx.xxx.xxx. Then you should do the following DNS configuration −
Create a A Record in DNS zone file as shown below with a DNS identifier, for example, ARECORDID and keep it secret from the outside world.
Now ask your CDN provider to link the created DNS identifier with a URL, something like cdn.someotherid.domain.com.
You need to use the CDN URL cdn.someotherid.domain.com to create two CNAME databases. the first one will be pointing to www and the second record is to point to @
You may a help from your system administrator to understand these points and to configure your DNS and CDN appropriately.
Create a A Record in DNS zone file as shown below with a DNS identifier, for example, ARECORDID and keep it secret from the outside world.
Now ask your CDN provider to link the created DNS identifier with a URL, something like cdn.someotherid.domain.com.
You need to use the CDN URL cdn.someotherid.domain.com to create two CNAME databases. the first one will be pointing to www and the second record is to point to @
You may a help from your system administrator to understand these points and to configure your DNS and CDN appropriately.
After that you will have the following configuration at your DNS.
Now, let the CDN provider handle all the DDoS attacks and your system will remain safe.
But do not disclose your system's IP address or A record identifier to anyone else direct attacks will start again.
Now, let the CDN provider handle all the DDoS attacks and your system will remain safe.
But do not disclose your system's IP address or A record identifier to anyone else direct attacks will start again.
0 comments:
Post a Comment